redis-configuration-store.md

type	docs
title	Redis
linkTitle	Redis
description	Detailed information on the Redis configuration store component
aliases	/operations/components/setup-configuration-store/supported-configuration-stores/setup-redis/

Component format

To setup Redis configuration store create a component of type configuration.redis. See [this guide]({{% ref "howto-manage-configuration.md#configure-a-dapr-configuration-store" %}}) on how to create and apply a configuration store configuration.

apiVersion: dapr.io/v1alpha1
kind: Component
metadata:
  name: <NAME>
spec:
  type: configuration.redis
  version: v1
  metadata:
  - name: redisHost
    value: <address>:6379
  - name: redisPassword
    value: **************
  - name: useEntraID
    value: "true"
  - name: enableTLS
    value: <bool>
  - name: insecureSkipTLSVerify
    value: <bool>

{{% alert title="Warning" color="warning" %}} The above example uses secrets as plain strings. It is recommended to use a secret store for the secrets as described [here]({{% ref component-secrets.md %}}). {{% /alert %}}

Spec metadata fields

Field	Required	Details	Example
redisHost	Y	Output	Connection-string for the redis host. If "redisType" is "cluster", it can be multiple hosts separated by commas or just a single host. When using Redis Sentinel ("failover" is "true"), multiple sentinel addresses can also be provided as comma-separated values.
redisPassword	N	Output	The Redis password
redisUsername	N	Output	Username for Redis host. Defaults to empty. Make sure your Redis server version is 6 or above, and have created acl rule correctly.
enableTLS	N	Output	If the Redis instance supports TLS with public certificates it can be configured to enable or disable TLS. Defaults to "false"
insecureSkipTLSVerify	N	Output	Skip TLS certificate verification when enableTLS is "true". Only use for testing. Defaults to "false"
clientCert	N	Output	The content of the client certificate, used for Redis instances that require client-side certificates. Must be used with clientKey and enableTLS must be set to true. It is recommended to use a secret store as described [here]({{% ref component-secrets.md %}})
clientKey	N	Output	The content of the client private key, used in conjunction with clientCert for authentication. It is recommended to use a secret store as described [here]({{% ref component-secrets.md %}})
failover	N	Output	Property to enable failover configuration. Needs sentinelMasterName to be set. When enabled, redisHost should contain the sentinel addresses. Defaults to "false"
sentinelMasterName	N	Output	The Sentinel master name. See Redis Sentinel Documentation
sentinelUsername	N	Output	Username for Redis Sentinel. Applicable only when "failover" is true, and Redis Sentinel has authentication enabled
sentinelPassword	N	Output	Password for Redis Sentinel. Applicable only when "failover" is true, and Redis Sentinel has authentication enabled
redisType	N	Output	The type of Redis. There are two valid values, one is "node" for single node mode, the other is "cluster" for Redis cluster mode. Defaults to "node".
redisDB	N	Output	Database selected after connecting to Redis. If "redisType" is "cluster", this option is ignored. Defaults to "0".
redisMaxRetries	N	Output	Maximum number of times to retry commands before giving up. Default is to not retry failed commands.
redisMinRetryInterval	N	Output	Minimum backoff for Redis commands between each retry. Default is "8ms"; "-1" disables backoff.
redisMaxRetryInterval	N	Output	Maximum backoff for Redis commands between each retry. Default is "512ms";"-1" disables backoff.
dialTimeout	N	Output	Dial timeout for establishing new connections. Defaults to "5s".
readTimeout	N	Output	Timeout for socket reads. If reached, Redis commands fail with a timeout instead of blocking. Defaults to "3s", "-1" for no timeout.
writeTimeout	N	Output	Timeout for socket writes. If reached, Redis commands fail with a timeout instead of blocking. Defaults is readTimeout.
poolSize	N	Output	Maximum number of socket connections. Default is 10 connections per every CPU as reported by runtime.NumCPU.
poolTimeout	N	Output	Amount of time client waits for a connection if all connections are busy before returning an error. Default is readTimeout + 1 second.
maxConnAge	N	Output	Connection age at which the client retires (closes) the connection. Default is to not close aged connections.
minIdleConns	N	Output	Minimum number of idle connections to keep open in order to avoid the performance degradation associated with creating new connections. Defaults to "0".
idleCheckFrequency	N	Output	Frequency of idle checks made by idle connections reaper. Default is "1m". "-1" disables idle connections reaper.
idleTimeout	N	Output	Amount of time after which the client closes idle connections. Should be less than server's timeout. Default is "5m". "-1" disables idle timeout check.

Setup Redis

Dapr can use any Redis instance: containerized, running on your local dev machine, or a managed cloud service.

{{< tabpane text=true >}}

{{% tab "Self-Hosted" %}} A Redis instance is automatically created as a Docker container when you run dapr init {{% /tab %}}

{{% tab "Kubernetes" %}} You can use Helm to quickly create a Redis instance in our Kubernetes cluster. This approach requires Installing Helm.

1. Install Redis into your cluster. Note that we're explicitly setting an image tag to get a version greater than 5, which is what Dapr' pub/sub functionality requires. If you're intending on using Redis as just a state store (and not for pub/sub), you do not have to set the image version.

   helm repo add bitnami https://charts.bitnami.com/bitnami
   helm install redis bitnami/redis --set image.tag=6.2

2. Run kubectl get pods to see the Redis containers now running in your cluster.

3. Add redis-master:6379 as the redisHost in your redis.yaml file. For example:

       metadata:
       - name: redisHost
         value: redis-master:6379

4. Next, get the Redis password, which is slightly different depending on the OS we're using:

   • Windows: Run kubectl get secret --namespace default redis -o jsonpath="{.data.redis-password}" > encoded.b64, which creates a file with your encoded password. Next, run certutil -decode encoded.b64 password.txt, which will put your redis password in a text file called password.txt. Copy the password and delete the two files.

   • Linux/MacOS: Run kubectl get secret --namespace default redis -o jsonpath="{.data.redis-password}" | base64 --decode and copy the outputted password.

   Add this password as the redisPassword value in your redis.yaml file. For example:

       metadata:
       - name: redisPassword
         value: lhDOkwTlp0

{{% /tab %}}

{{% tab "AWS" %}} AWS Redis {{% /tab %}}

{{% tab "Azure" %}}

1. Create an Azure Cache for Redis instance using the official Microsoft documentation.

2. Once your instance is created, grab the Host name (FQDN) and your access key from the Azure portal.

   • For the Host name:
     • Navigate to the resource's Overview page.
     • Copy the Host name value.
   • For your access key:
     • Navigate to Settings > Access Keys.
     • Copy and save your key.

3. Add your key and your host name to a redis.yaml file that Dapr can apply to your cluster.

   • If you're running a sample, add the host and key to the provided redis.yaml.
   • If you're creating a project from the ground up, create a redis.yaml file as specified in the Component format section.

4. Set the redisHost key to [HOST NAME FROM PREVIOUS STEP]:6379 and the redisPassword key to the key you saved earlier.

   Note: In a production-grade application, follow [secret management]({{% ref component-secrets.md %}}) instructions to securely manage your secrets.

5. Enable EntraID support:

   • Enable Entra ID authentication on your Azure Redis server. This may takes a few minutes.
   • Set useEntraID to "true" to implement EntraID support for Azure Cache for Redis.

6. Set enableTLS to "true" to support TLS.

Note:useEntraID assumes that either your UserPrincipal (via AzureCLICredential) or the SystemAssigned managed identity have the RedisDataOwner role permission. If a user-assigned identity is used, [you need to specify the azureClientID property]({{% ref "howto-mi.md#set-up-identities-in-your-component" %}}).

{{% /tab %}}

{{% tab "GCP" %}} GCP Cloud MemoryStore {{% /tab %}}

{{< /tabpane >}}

Redis Sentinel configuration

When using Redis Sentinel for high availability, set redisType to "node", enable failover mode with failover: "true", and provide the sentinel master name. Multiple sentinel addresses can be specified as a comma-separated list in the redisHost field for redundancy.

```yaml
apiVersion: dapr.io/v1alpha1
kind: Component
metadata:
  name: redis-pubsub
spec:
  type: pubsub.redis
  version: v1
  metadata:
  - name: redisHost
    value: "sentinel1:26379,sentinel2:26379,sentinel3:26379"
  - name: redisType
    value: "node"
  - name: failover
    value: "true"
  - name: sentinelMasterName
    value: "mymaster"
```

Related links

• [Basic schema for a Dapr component]({{% ref component-schema %}})
• Read [How-To: Manage configuration from a store]({{% ref "howto-manage-configuration" %}}) for instructions on how to use Redis as a configuration store.
• [Configuration building block]({{% ref configuration-api-overview %}})